Custom credentialing

ABSTRACT

In one example, credentialing method involving a credentialing provider and a client comprising the step of establishing one or more custom credential categories for an entity.

RELATED APPLICATION

This application claims priority under 35 U.S.C. §119 to U.S.Provisional Application No. 62/029,187, entitled “CustomizableCredentialing Software,” by the same inventors, filed 25 Jul. 2014(Atty. Docket No.: VCS2002PSP), the contents of which are hereinincorporated by reference in their entirety.

BACKGROUND

1. Technical Field

Embodiments of the subject matter disclosed herein generally relate tomethods and systems for ensuring that only entities (whether animate orinanimate) meeting pre-set criteria are allowed to enter an environmentthat could be compromised by an entity entering that environment thatdoes not meet the pre-set criteria. In this regard, one embodiment ofthe present invention is directed to custom credentialing, where anyentity desiring entry to (or continued presence in) a heath carefacility must first meet certain pre-set credentials before beingallowed to enter (or remain in) that facility.

2. Discussion of the Background

The modern-day explosion in population, disease, harmful substances,dangerous environments, contamination, and crime has given rise to thefield of credentialing, which generally concerns taking steps to ensurethat people and things are not allowed to go places or encounter thingsthey should not. One example is the health care field. There, a host ofenvironments exist in which it is important that only authorizedpersonnel and/or devices (or other things) be allowed to interact inproximity to one another. In other words, only personnel and/or a devicethat meets a common set of pre-established credentials will be allowedto interact within proximity to one another.

As one non-limiting example, take vendors (e.g., service or productproviders) who wish to enter a health care facility (e.g., a hospital,doctor's office, or emergency care facility) to sell, service, orotherwise offer their third-party offerings to the operators of thehealth care facility. In the past, these individuals may have beenallowed to enter the facility uninterrupted, without any admittancecriteria or standards. The health and safety risks associated with suchuninhibited or “free” access are obvious and, as such, now often areprohibited by Federal, state, local, or best practices guidelines.

As referenced above, the process of controlling vendor access tofacilities is called credentialing. In the health care environment, onemethod of credentialing requires vendors to approach a designatedscreening representative at each health care facility the vendor visits,so that the screening representative can invoke that facility'sestablished protocol for deciding whether to allow the vendor access tothe facility. This method is disfavored due to its burden on personnel,necessary training, consequential front-office congestion, lack ofcontemporaneous access to updated and/or accurate vendor data, and thecosts associated therewith.

Another credentialing option is for the health care facility to use theservices of an outside, third-party credentialing provider. Onewell-known and often-used provider is VCS, Inc. (www.vcsdatabase.com).

These credentialing providers require vendors to register with them sothat the credentialing provider (instead of the health care facility)performs at least the same credentialing the health care facility would,but the credentialing is done off-site from the health care facility andin a manner that each individual vendor's credentials are investigated,verified against the credentials mandated by eachpertinent/participating health care facility, and stored for future use,updating, and network access by the credentialing provider. After avendor is approved, the credentialing provider gives thequalified/credentialed vendor a badge that typically contains a bar codeand possibly other identifying information (such as a photograph), whichthe vendor uses to authenticate himself in two primary respects when heenters a participating health care facility.

First, the bar code on the vendor's badge can be scanned at a kiosk orother scanning facility in the lobby of the health care facility. In theinstance of a kiosk, it typically is computer-implemented and possesseseither local or networked access to a database maintained by thecredentialing provider, such that the kiosk uses the bar code toidentify the vendor and then access and examine the associated vendor'scredentials relative to those mandated by the pertinent health carefacility. Through this computerized process, the kiosk either approvesor denies the vendor's access to the health care facility. This approvalprocess can entail either the printing of an entrance sticker (to beworn by the vendor), open a locked door, or provide other authorizedpassage to the facility.

Second, as mentioned above, while the badge also may provide photoidentification, in those instances in which the kiosk prints an entrancesticker, the kiosk also may print an additional code on the sticker.This additional code provides opportunity for on-the-spot verificationby facility personnel as an added security measure after the vendor hasgained access to the facility.

Problems, however, abound with this credentialing process. Credentialingproviders traditionally have provided health care organizations withlimited different credential categories that all entities (whether theybe vendors, devices, etc.) must fit into. For example, FIG. 1illustrates a prior art credential matrix that is limited to eightdifferent credential levels. (The following acronyms have the followingmeanings: BGC—background check; GWL—government watch list; PST—productspecific training; BBP—blood borne pathogen; MMR—mump-measles-rubella;VAR—varicella; INF—influenza; GHS—general expectations and hospitalsafety course.) In other words, every entity that desires access to ahealth care facility would have to be “pigeon-holed” (by the health careorganization and the credentialing provider) into one or more of theselevels because that was all the prior art credentialing servicesoffered. Once the health care organization chose one of thepre-established credential levels for each entity (and communicated thatlevel to the credentialing provider), the credentialing provider wouldrequire the entity to meet the designated requirements for that levelbefore providing the entity a badge, bar code, or other means of gainingauthorized access into the health care facility.

These pre-established credential levels were inflexible and proved to betoo limiting because they were incapable of encompassing all the variousother credential categories (and/or levels within categories) a healthcare organization might want, need, or desire. Moreover, not all healthcare organizations are similarly situated in the sense of having thesame needs or desiring the same level of flexibility in theircredentialing process. For example, while the eight prior art credentiallevels were designed to accommodate vendors to health care facilities,other/different credential categories might better serve other entitiesseeking access to the facility, such as volunteers, students,contractors, equipment, etc. Likewise, there exists a need foradditional, specific credential categories even within theseother/different categories such as, in the case of contractors,credential subcategories for plumbers, electricians, elevator repair,etc. Still further, instead of the limited number of access levels (andtheir associated criteria) afforded by the prior art for a particularcategory, there exists a need for unlimited access levels (andcorresponding unlimited criteria associated therewith) for allcategories and/or subcategories offered. In essence, the need for anentirely new credentialing paradigm exists.

SUMMARY

The present invention addresses the disadvantages and drawbacks ofcurrent credentialing processes and the apparatuses associatedtherewith.

As an example, the present invention replaces the prior artcredentialing process with a customized credentialing process. Acustomized credentialing process enables credentialing providers to workwith clients (such as a health care organization) to create a credentialmatrix tailored specifically to the client's needs, i.e., one no longertied to (or limited by) the credentialing provider's pre-ordainedcredential matrix. Such customized credentials also distinguish over thefixed or otherwise limited credential matrixes in the prior art byproviding the credentialing provider and/or the client access to entitydata unavailable (and unattainable) in prior art credentialingprocesses.

Variants of the present invention are possible and within the scope ofthis disclosure, whether expressly identified or not.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated herein and constitutea part of the specification, illustrate either the prior art or one ormore exemplary embodiments of the present invention. In the drawings:

FIG. 1 is a prior art credential matrix.

DETAILED DESCRIPTION

The following detailed description does not limit the invention.Instead, the scope of the invention is defined by the appended claims.

Reference throughout the specification to “one embodiment” or “anembodiment” means that a particular feature, structure or characteristicdescribed in connection with an embodiment is included in at least oneembodiment of the subject matter disclosed. Thus, the appearance of thephrases “in one embodiment” or “in an embodiment” (or variants thereof)in various places throughout the specification is not necessarilyreferring to the same embodiment. Further, the particular features,structures, or characteristics may be combined in any suitable manner inone or more embodiments.

One embodiment of the present invention includes a method of interactionbetween a credentialing provider and its client. The client can be anyentity, organization, or individual that takes advantage of the servicesoffered by the credentialing provider. Whereas the prior art enabledcredentialing providers to offer clients a fixed credential matrix suchas that shown in FIG. 1, the present invention is not so limited, inthat the credentialing provider now can—by taking advantage of thepresent invention—offer custom credential categories, access levels, andassociated criteria, each with their attendant advantages.

A custom credential category comprises an entity or class of entitiesthat are the subject of the credentialing process. The “entity” referredto here can be anyone or anything the client chooses, such as a person,group, organization, species, device, machine, substance, contact,maintenance schedule, or other object (whether animate or inanimate).For example, whereas the prior art provided a category for vendors, thepresent invention could provide additional, separate categories forvolunteers, students, contractors, translators, equipment, devices, etc.The limits of and options for different categories are at the client'schoosing.

Each custom credential category may have one or more associated customcredential access levels. For example, whereas the prior art providedeight different access levels, the present invention could provideadditional, separate levels up to the number of the client's choosing.Each custom credential access level may comprise criteria designated bythe client, where the criteria constitutes the set of requirements thecredentialing provider is directed (by the client) to ensure an entitypasses before provider “credentials” that entity for that level. Thelimits and options for different levels and their corresponding criteriaare at the client's choosing.

Once the client identifies and communicates (to the credentialingprovider) the desired custom credential categories, the number of levelsassociated with each category, and the criteria for each level, thecredentialing provider and each entity (assuming the entity is a person)interact to ensure the entity meets all the designated criteriaapplicable to that entity. If all the criteria are met, thecredentialing provider enables the entity to access the client'sfacility, as is otherwise known in the art. If all the criteria are notmet, the credentialing provider disables the entity from accessing theclient's facility, as is otherwise known in the art. (For thoseinstances in which the entity is not a person, the pertinent criteriapossessed by that entity are otherwise provided to the credentialingprovider by whoever is authorized to act on behalf of the entity.)

In another embodiment, a custom credential category may include asubcategory or subcategories of custom credential categories. Asexplained above, while the prior art provided a fixed credential matrixfor vendors, custom credentialing provided by the present invention nowallows credential categories to be attributed to any number of othercategories of entities the client chooses, such as credential categoriesfor volunteers, students, contractors, translators, equipment, devices,etc. If the client chooses, each category can include one or moresubcategories of entities. For example, if a custom credential categorywas selected for contractors, one or more custom subcategories ofcontractors could also be created, such as a subcategory for plumbers, asubcategory for electricians, a subcategory for elevator repairpersonnel, and so on. As it was for the custom credential categories,the limits of and options for different subcategories are at theclient's choosing.

In another embodiment, custom subcategories of entities may have one ormore associated custom credential access levels, where each levelcomprises criteria the client designates as constituting the set ofrequirements the credentialing provider is directed (by the client) toensure an entity must pass in order for the entity to be “credentialed”for that level. For example, assume the client created a customcredential category for vendors. The client could then create customcredential subcategories for plumbers, electricians, and elevator repairpersonnel, where each of those subcategories could include customercredential levels and associated criteria. Note that the customcredential levels and associated criteria are selected by the client andneed not be the same across each category or subcategory. In thatinstance, there would be certain criteria for the access levels in thesubcategory of plumbers, other criteria for the access levels in thesubcategory of electricians, and still other criteria for the accesslevels in the subcategory of elevator repair personnel. The client couldeven allocate a subcategory and an access level therein with itscorresponding criteria on a person-by-person basis, so that eachperson/contractor had his or her own “personalized” credential criteriadesignated by the client. Still further, each subcategory could have yetanother subcategory (with its own corresponding access levels andassociated criteria), where the limit of these sub-subcategories is atthe client's discretion.

In yet another embodiment, custom credentialing allows the client,credentialing provider, or anyone with access to the customcredentialing data to “mine” that data in ways that were not possiblewith a prior art fixed credential matrix such as the one shown inFIG. 1. For example, a health care facility could mine its credentialingdatabase to separately identify any or all of its credentialed entities,such as all of its vendors, volunteers, students, contractors,translators, equipment, devices, etc. Likewise, again using the“contractors” category as an example, through the use of subcategories,the credentialing database could be mined to separately identify eachcredentialed plumber, electrician, elevator repairman, etc.

While simply being able to identify categories or subcategories ofcredentialed entities in this manner is an advance over the prior art,credentialing using customized categories and subcategories affordsstill additional advantages. One example is communication. If acredentialing provider or client desires to communicate (via email,phone, text, facsimile, mail, etc.) with one or more categories orsubcategories of its credentialed entities, it now can do sosince—through use of the present invention—those entities can beidentified and distinguished from other credentialed entities, and theirassociated contact information (relationally stored with each entity'sother credential information) can be used to communicate with theentity.

Another example is entity tracking. Since entity data now (as a resultof the present invention) can be stored on a category and subcategorybasis (all the way down to each individual in a category orsubcategory), further relational data can be associated with thosecategories and subcategories, such as when (i.e., the date and time) anentity enters a health care facility. (In this instance, for example,the present invention logs the day and time an entity scans his or herbar code when gaining access to the facility.) In this case, thefacility can mine the relational nature of its credential data toidentify every vendor, volunteer, student, etc. who entered the facilityon a given day or over a given time period. Likewise, for the case inwhich the entity is a device that requires periodic maintenance, amaintenance schedule can be relationally associated with that entity'scredential data so that such data (1) can be accessed to determine whenmaintenance is necessary, or (2) to automatically raise an alarm whenmaintenance is necessary.

While examples of communication and tracking have been provided, otherdata mining, notification, and other options are possible (as will beappreciated by those skilled in the art) due to the custom credentialingprocess described above. In that regard, as indicated above, it shouldbe understood that this description is not intended to limit theinvention. On the contrary, the exemplary embodiments are intended tocover alternatives, modifications, and equivalents, which are includedin the spirit and scope of the invention as defined by the appendedclaims. Further, in the detailed description of the exemplaryembodiments, numerous specific details are set forth in order to providea comprehensive understanding of the claimed invention. However, oneskilled in the art would understand that various embodiments may bepracticed without such specific details.

Although the features and elements of the present exemplary embodimentsare described in the embodiments in particular combinations, eachfeature or element can be used alone without the other features andelements of the embodiments or in various combinations with or withoutother features and elements disclosed herein.

This written description uses examples of the subject matter disclosedto enable any person skilled in the art to practice the same, includingmaking and using any devices or systems and performing any incorporatedmethods. The patentable scope of the subject matter is defined by theclaims, and may include other examples that occur to those skilled inthe art. Such other examples are intended to be within the scope of theclaims.

What is claimed is:
 1. A credentialing method involving a credentialingprovider and a client comprising the step of establishing one or morecustom credential categories for an entity.
 2. The method of claim 1wherein at least one of the custom credential categories includes one ormore custom access levels.
 3. The method of claim 2 wherein at least oneof the custom access levels includes criteria an entity must satisfybefore becoming credentialed.
 4. The method of claim 3 including thestep of the credentialing provider interacting with the entity (orsomeone acting on behalf of the entity) to ensure the entity satisfiesall the criteria associated with that entity.
 5. The method of claim 4wherein the credentialing provider enables the entity to access aclient's facility if all its associated criteria are satisfied.
 6. Themethod of claim 5 wherein the credentialing provider disables the entityfrom accessing a client's facility if all its associated criteria arenot satisfied.
 7. The method of claim 6 wherein at least one of thecustom credential categories includes a subcategory of custom credentialcategories for an entity.
 8. The method of claim 7 wherein thesubcategory of custom credential categories includes one or more customaccess levels.
 9. The method of claim 8 wherein at least one of thecustom access levels for a subcategory includes criteria an entity mustsatisfy before becoming credentialed.
 10. The method of claim 9 whereinthe criteria included in a custom access level for a custom credentialcategory is different from the criteria included in a custom accesslevel for another custom credential category.
 11. The method of claim 10wherein the criteria included in a custom access level for a customcredential subcategory is different from the criteria included in acustom access level for another custom credential subcategory.
 12. Themethod of claim 11 wherein the client is an organization or individualthat takes advantage of the services offered by the credentialingprovider.
 13. The method of claim 12 wherein the entity is a person,group, organization, species, device, machine, substance, contact,maintenance schedule, or other object (whether animate or inanimate).14. A method comprising the steps of populating a database with customcredentialing data and then mining that data to identify one or morecredentialed entities.
 15. The method of claim 14 further comprising thestep of mining said data to communicate with one or more credentialedentities.
 16. The method of claim 14 further comprising the step ofmining said data to track one or more credentialed entities.